EventBridge is managed in the EventBridge service VPC. No customer has access to that VPC. When you have a rule targeting an event bus, regardless of whether it is in the same account or a different account, it stays within the EventBridge service. It does not go to the internet, it is not accessible by anyone.
To answer the last part of the question: Traffic between AWS services does not go across the public internet as per the VPC FAQ.
I understand the traffic flows within AWS infrastructure only, but other tenants can still have access to this data, and hence I am looking for a private channel that can be accessed only by the 2 accounts involved in the cross-account integration.
Could you explain why you think that other tenants have access to the data? That's not true unless you have explicitly given a foreign account (i.e. one not controlled by you) access to the EventBridge.
Hi, use EventBridge ad hoc rules to go cross-account: see https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-cross-account.html
Then, EventBridge encrypts its messages: https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-data-protection.html
I understand the messages will be encrypted using TLS, but I prefer something more secure like MASSL or a private VPC channel.

Thanks Uri. Is this documented anywhere? I would need an AWS artefact confirming this.
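
The replies above say another account can reach an event bus only if it has been explicitly granted access. The following is an added example, not code from the thread or from AWS: a check that reads an event bus resource policy and reports every `Allow` statement whose principal falls outside the accounts you expect. The policy, account IDs, organization ID and bus name are constructed placeholders, and the function names are hypothetical.

```python
import json
import re

# Constructed sample policy; account IDs and bus name are placeholders.
BUS = "arn:aws:events:us-east-1:444455556666:event-bus/orders"
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "Partner", "Effect": "Allow", "Action": "events:PutEvents",
     "Principal": {"AWS": "arn:aws:iam::111122223333:root"}, "Resource": BUS},
    {"Sid": "OrgWide", "Effect": "Allow", "Action": "events:PutEvents",
     "Principal": "*", "Resource": BUS,
     "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}}},
    {"Sid": "TooBroad", "Effect": "Allow", "Action": "events:PutEvents",
     "Principal": "*", "Resource": BUS},
    {"Sid": "MixedList", "Effect": "Allow", "Action": "events:PutEvents",
     "Principal": {"AWS": ["111122223333",
                           "arn:aws:iam::999999999999:role/reporting"]},
     "Resource": BUS},
]})


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _account_of(principal):
    """Return the 12-digit account ID named by a principal string, or None."""
    m = re.fullmatch(r"(\d{12})|arn:aws[\w-]*:iam::(\d{12}):.+", principal)
    return (m.group(1) or m.group(2)) if m else None


def unexpected_grants(policy_json, allowed_accounts):
    """List (Sid, principal) for Allow statements reaching beyond allowed_accounts."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal", {})
        names = ["*"] if principal == "*" else [
            p for v in principal.values() for p in _as_list(v)]
        for name in names:
            if name == "*":
                # A wildcard is reported only when no Condition narrows it;
                # the Condition itself still needs a human look.
                if not stmt.get("Condition"):
                    findings.append((stmt.get("Sid"), name))
            elif _account_of(name) not in allowed_accounts:
                # Service principals and unknown accounts both land here.
                findings.append((stmt.get("Sid"), name))
    return findings
```

The policy string to pass in is the `Policy` field returned by `aws events describe-event-bus` for the bus in question.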